CISA, in partnership with the American Coast Guard (USCG), published a joint cybersecurity opinion aimed at helping organizations of critical infrastructure to improve their cyber hygiene. This follows a proactive commitment to hunting threats carried out in a critical infrastructure establishment in the United States.
During this commitment, the CISA and the USCG did not find evidence of malicious cyber-activity or the presence of actors on the organization of organizations, but identified several risks of cybersecurity. CISA and USCG share their associated results and attenuations to help other critical infrastructure organizations identify similar potential problems and take proactive measures to improve their cybersecurity posture. Attenuations include best practices such as password non-storage or identification information in clear text, avoid sharing local administrator account identification and implementing a complete journalization.
For more detailed attenuations concerning the risk of cybersecurity identified, review the joint cybersecurity council: CISA and USCG identify the areas for the improvement of cyber-hygiene after having done a proactive threat to US Critical Infrastructure Organization.
